TW200304616A - Device and method for calculating a result of a division - Google Patents

Device and method for calculating a result of a division

Info

Publication number
TW200304616A
Authority
TW
Taiwan
Prior art keywords
result
integer
factor
denominator
patent application
Prior art date
Application number
TW092102937A
Other languages
Chinese (zh)
Inventor
Wieland Fischer
Original Assignee
Infineon Technologies Ag
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Infineon Technologies Ag
Publication of TW200304616A


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60 Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72 Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/38 Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
    • G06F7/48 Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices
    • G06F7/52 Multiplying; Dividing
    • G06F7/535 Dividing only
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00 Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72 Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219 Countermeasures against side channel or fault attacks
    • G06F2207/7261 Uniform execution, e.g. avoiding jumps, or using formulae with the same power profile

Landscapes

  • Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computational Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Complex Calculations (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

A device for calculating a result (Q), or an integer multiple of the result (Q), of a division of a numerator (A) by a denominator (N) comprises a means (12) for providing a factor that is selected such that a product of said factor and the denominator is greater than said result. The device furthermore comprises a means (14) for modular reduction of a first product of the numerator and the factor, making use of a modulus that is equal to a sum of a second product of the denominator and the factor and an integer, in order to obtain an auxiliary quantity comprising said result. A means (16) is used for extracting the result or the integer multiple of the result from the auxiliary quantity. A division is thus broken down into a modular reduction and an extraction involving no computational expenditure, so that, in particular for long-number division tasks, speed on the one hand and security on the other hand are enhanced.

Description


[Background of the Invention]

The present invention relates to cryptographic algorithms and, in particular, to a division algorithm suitable for cryptographic applications.

[Prior Art]

In cryptographic algorithms, the division of two long numbers is often unavoidable. In the RSA algorithm, for example, the modulus N is the product of two prime numbers p and q, where q is obtained by dividing N by p, or p is obtained by dividing N by q.

If the division routine used on a cryptographic coprocessor is not implemented as an explicit command consisting of micro-commands that can be worked off quickly internally, the division has to be carried out in software. Such a routine is very slow on the one hand and, on the other hand, difficult to protect against simple power analysis (SPA) attacks.

Common division procedures, for example the restoring division and non-restoring division described in "Computer Arithmetic" (Hennessy and Patterson, Morgan Kaufmann Publishers, 1996), are based on register shifts, with a subtraction or an addition being carried out depending on whether a particular bit has a particular value. Such procedures are very vulnerable to simple power analysis (SPA) attacks, because the current or power consumption, and also the time consumption, depend on the numbers being processed. An attacker can therefore determine the numbers being processed from the current and time curves and thereby probe, for example, the secret key of a public-key cryptographic algorithm.

To overcome this problem, conventional methods introduce so-called dummy operations in order to homogenize the current curve. Introducing dummy operations, however, entails an additional performance loss, which can even be as high as ...

In view of this, the main object of the present invention is to provide a more efficient and more secure way of calculating a division.

This object is achieved by the device for calculating the result of a division described in item 1 of the scope of the patent application, or by the method for calculating the result of a division described in item 5 of the scope of the patent application.

The present invention is based on the finding that, particularly for cryptographic purposes, the traditional division procedures have to be abandoned in order to calculate a division. According to the invention, a division is broken down, by introducing a factor, into a modular reduction, the factor being selected such that the product of the factor and the denominator of the division is greater than the result of the division. The modular reduction uses a modulus that is equal to the sum of the second product of the denominator and the factor and an integer, and is applied to the first product of the numerator and the factor, which yields an auxiliary quantity that comprises the result of the division. Finally, the result can be extracted directly from this auxiliary quantity without additional computational expenditure.

The method according to the invention is particularly advantageous in that its current and time curves are independent of the quantities being processed, that is, the numerator or the denominator. In addition, the modular reduction into which the calculation of the division is ultimately broken down can be carried out in a computationally efficient manner. In cryptographic coprocessors this operation is usually implemented in hardware, so the modular reduction can be calculated quickly and efficiently.

Depending on the hardware implementation, when a register of sufficient length is available, the step of extracting the division result from the auxiliary quantity can consist simply of reading it out of a long-number register.

Alternatively, the division result can be extracted by an additional modular reduction and a subtraction. In this case the computational expenditure still stays within reasonable limits, because the additional modular reduction can likewise be carried out quickly and securely with the efficient reduction circuit present on a cryptographic coprocessor.

The method according to the invention also yields a concrete acceleration of the division while at the same time increasing its security. Long-number division on the known Advanced Crypto Engine (ACE) processor supplied by Infineon Technologies AG (Munich, Germany) requires a total of 27 clocks per bit. The division according to the invention requires only 6 clocks per bit on the same processor, which corresponds to an acceleration by a factor of 4.5.

At the same time, the division according to the invention is immune to simple power analysis (SPA) attacks, because the current and time consumption are independent of the particular bit patterns of the numbers being processed, that is, the numerator and the denominator.

[Preferred Embodiments]

Before the drawings are referred to in detail, the division according to the invention is first derived. It is based on a modular reduction of the first product of the numerator and the factor, where the modulus is equal to the sum of the second product of the denominator and the factor and an integer.

According to the following equation, the result Q sought is the numerator A divided by the denominator N:

$$Q = \frac{A}{N} \qquad (1)$$

Without loss of generality, the numerator A and the denominator N are assumed to be binary numbers, so that the following two inequalities hold:

$$2^{a-1} \le A < 2^{a} \qquad (2a)$$

$$2^{n-1} \le N < 2^{n} \qquad (2b)$$

Inequalities (2a) and (2b) express the orders of magnitude of the numerator A and the denominator N. Equation (1) can be rewritten as follows:

$$A = Q \cdot N + H \qquad (3a)$$

The value H of equation (3a) can be calculated as follows:

$$H = A - Q \cdot N \qquad (3b)$$

where the value H is greater than or equal to 0 and less than N. As equation (3) shows, the result Q of this division, which is discussed below, is the integer result and the value H is the remainder. The result of the division of the numerator A by the denominator N is thus the integer result, while the remainder H is obtained by a modular reduction with the denominator N as modulus:

$$H = A \bmod N \qquad (4)$$

It should be noted that any floating-point division can be reduced to an integer division, for example by shifting the decimal point and rounding to the next integer. Floating-point divisions inside an arithmetic logic unit are usually reduced to integer divisions.

According to the invention, a factor F is introduced, which in the binary number system is defined as follows:

$$F = 2^{e} \qquad (5)$$

In this example, which uses the binary number system only by way of illustration, the base is the number 2 and the factor F is the base 2 raised to the exponent e.

According to the invention, the factor F must satisfy the following condition:

$$F \cdot N > Q \qquad (6)$$

and, when equation (5) is inserted into inequality (6):

$$2^{e} \cdot N > Q \qquad (7)$$

The factor F is thus determined such that the product of the factor F and the denominator N of the division is greater than the result Q of the division that is to be calculated.

It should be noted that the exact size of the result of the division does not need to be known. Only the order of magnitude of the result Q is needed in order to dimension the factor F, and it can be estimated from the denominator and the numerator so that inequality (6) is satisfied. The algorithm is therefore guaranteed to work as long as the factor F is chosen large enough. Preferably, however, the factor is chosen small, because the factor F determines the register length that is needed. If the factor F is chosen very large, very long registers are required; if it is chosen smaller, shorter registers suffice. Inequality (8) gives the preferred size of the quantity e for the binary example (equation (5)).

In addition, both sides of equation (4) are multiplied by the factor F, which gives equation (10):

$$H \cdot F = A \cdot F \bmod (N \cdot F) \qquad (10)$$

The following inequality holds at the same time:

$$0 \le H \cdot F < N \cdot F \qquad (11)$$

Inequality (11) states that the result of the modular reduction of equation (10) must lie in the residue class of the modulus N·F, that is, it must be greater than or equal to 0 and less than N·F.

Adding and subtracting the result Q on the right-hand side of equation (9) gives equation (12). Equation (12) is then rearranged by factoring the result Q out of the first two terms on its right-hand side, so that equation (12) becomes:

$$A \cdot F = Q \cdot (N \cdot F + 1) + H \cdot F - Q \qquad (13)$$

Alternatively, equation (12) can be rearranged so as to form the sum of H·F and Q rather than their difference:

$$A \cdot F = Q \cdot (N \cdot F - 1) + H \cdot F + Q \qquad (13')$$

Equations (13) and (13') can furthermore be rearranged to give the following equation:

$$H \cdot F - Q = A \cdot F - Q \cdot (N \cdot F + 1) \qquad (14)$$

The following equation is the result for the "sum alternative":

$$H \cdot F + Q = A \cdot F - Q \cdot (N \cdot F - 1) \qquad (14')$$

Comparing equations (14) and (14') with equations (13) and (13') shows that equation (14) is the defining equation of a new division, in which the difference or sum on the left-hand side of equations (14) and (14'), that is, the auxiliary quantity (H·F − Q) or (H·F + Q), each of which contains the result sought, corresponds to the remainder of the integer division of the numerator A·F by the denominator (N·F + 1) or (N·F − 1) respectively.

The remainder of this division, that is, the auxiliary quantity on the left-hand side of equation (14), can be calculated with the following equation (15), which is analogous to equation (4):

$$H \cdot F - Q = A \cdot F \bmod (N \cdot F + 1) \qquad (15)$$

Equation (15) thus expresses the modular reduction whose result is the auxiliary quantity H·F − Q, from which the result Q sought can be extracted in various ways without additional expenditure, as described above. Equation (15) therefore constitutes the central modular reduction into which the division (equation (1)) is broken down. It should be noted that the difference H·F − Q can also be negative. In that case the modulus has to be added to the difference in order to satisfy the equation, because by definition the result of a modular reduction cannot be negative.

For the "sum alternative", the following equation is obtained:

$$H \cdot F + Q = A \cdot F \bmod (N \cdot F - 1) \qquad (15')$$

As described below, there are various ways of extracting the result Q sought from the auxiliary quantity H·F ± Q.

To this end, reference is first made to Fig. 3, which shows a long-number register 300 storing the result of the modular reduction, that is, the left-hand side of equation (15). The register 300 has an MSB (most significant bit) side and an LSB (least significant bit) side, and stores the numbers as follows. The number H·F is a large number whose bit pattern corresponds to that of the number H shown in Fig. 3, because H·F is obtained by shifting the number H to the left in the long-number register by e positions when the factor F is chosen as 2^e. In addition to the number H·F, the binary long-number register 300 of Fig. 3 contains a small number "−/+Q", that is, the result Q sought with a negative or positive sign. If the long-number register 300 is large and the factor F is also chosen large enough that the number H and the numbers −Q and +Q do not overlap in register 300, as in the case shown in Fig. 3, the number −Q can be read directly from register 300. The number +Q is then obtained from the number −Q: the corresponding bits on the LSB side of the register, which hold the number −Q, are taken and their bit pattern is converted with the usual two's complement, that is, the bits are inverted and 1 is added to the inverted bits, which requires only a simple arithmetic operation. Other arithmetic operations can also be used, for example a subtraction from the register contents. Because of the difference in magnitude between the numbers H·F and Q, the number Q can thus be extracted from the auxiliary quantity (the left-hand side of equation (15)) simply by accessing register 300.

It should be noted that the factor F does not have to be chosen so large that the numbers H and −Q do not overlap at all in the register shown in Fig. 3. Even when the numbers do overlap to some extent, the number Q can still be extracted from the auxiliary quantity, as shown below. For this purpose, a further modular reduction is carried out according to equation (16):

$$H \cdot F = A \cdot F \bmod (N \cdot F) \qquad (16)$$

Equation (16) corresponds to equation (4), except that the factor F is now taken into account.

In this case, the result Q sought is obtained by subtracting the result of equation (15) from the result of equation (16):

$$Q = H \cdot F - (H \cdot F - Q) \qquad (17)$$

A distinction has to be made when the auxiliary quantity, that is, the difference H·F − Q, is negative. When the difference H·F − Q of equation (15) is negative, the modulus (N·F + 1) is added to the left-hand side of equation (15), because by definition the result of a modular reduction is never negative. When the auxiliary quantity is negative, so that the modulus has been added to the left-hand side of equation (15), this also has to be taken into account when equation (15) is subtracted from equation (16), as follows:

$$Q = A \cdot F \bmod (N \cdot F) - A \cdot F \bmod (N \cdot F + 1) + (N \cdot F + 1) \qquad (18)$$

In the following, reference is made to Fig. 1, which shows a block diagram of a preferred device for calculating the result of a division of a numerator by a denominator, or an integer multiple of that result (as explained below). For ease of explanation, the defining operations are shown in block 10 of Fig. 1. The device according to the invention has a means 12 for providing the factor (in particular the number e), the factor being formed as the base 2 raised to this exponent such that inequality (6) and inequality (7) respectively are satisfied.

The device according to the invention also has a means 14 for calculating the modular reduction, that is, for carrying out equation (15). Finally, the device has a means 16 for extracting the number Q from the auxiliary quantity in one of various ways, for example by the method described for Fig. 3 and/or by calculating the additional modular reduction (equation (16)) and using the result of the subtraction.

In the following, reference is made to Fig. 2 to describe a preferred method that requires four registers, namely a first register for the numerator A, a second register for the denominator N, a third register for the first auxiliary quantity H1 and a register for the second auxiliary quantity H2. A fifth register for the result can optionally be used; alternatively, one of the existing registers, such as the numerator register or the third register for H1, can serve as the result register if required.

In step 20, the value e is first selected according to inequality (8). The numerator register is then loaded with the first product A·F (step 22), and the denominator register is loaded with the second product N·F (step 24). In step 26, the modular reduction according to equation (16) is calculated. After the calculation of step 26, the denominator is incremented by 1 (step 28) so that the central reduction of equation (15) can be calculated in step 30. In step 32, the results of equations (15) and (16) are subtracted, as shown in equation (17). In step 34, it is checked whether this result is negative. If the result is negative, the modulus is added (step 36) in order to obtain the result Q of the division (step 38).

If the result is not negative, step 34 determines that the result obtained in step 32 is greater than 0, and this result is output directly as the result of the division (step 38').

It should be noted that the embodiment of Fig. 2 is particularly advantageous when the numbers H and Q overlap in the binary long-number register 300 of Fig. 3, because the procedure of Fig. 3, that is, selecting the lowest bits of register 300 and inverting them to obtain the result Q, then no longer produces the correct result. In the embodiment of Fig. 2, the means 16 for extracting the result from the difference H·2^e − Q has the functions of steps 26, 32, 34 and 36.

The method according to the invention can also calculate an integer multiple of the division result when an integer x greater than 1 is used in the modulus of equation (15) in place of 1. The result Q on the left-hand side is then multiplied by this integer x, which gives the following equation:

$$H \cdot F - Q \cdot x = A \cdot F \bmod (N \cdot F + x) \qquad (19)$$

When the number x is greater than 1, the choice of the factor F also has to take the number x into account. If the result Q itself is wanted but the modular reduction with the modulus (N·F + x) can be calculated more easily than in the case x = 1, the result Q can be obtained by dividing the result by x. In particular when the binary system is used, this can be done by shifting the register to the right by the corresponding number of positions.

Equation (19), handled in the same way as equations (16) and (17), yields x times the number Q.

Another way of extracting the number Q or an integer multiple of it involves, in addition to equation (19), the following equation (20). Equation (20) corresponds to equation (19), except that the integer y must be different from the number x:

$$H \cdot F - Q \cdot y = A \cdot F \bmod (N \cdot F + y) \qquad (20)$$

Subtracting equation (20) from equation (19) gives equation (21):

$$Q \cdot (y - x) = A \cdot F \bmod (N \cdot F + x) - A \cdot F \bmod (N \cdot F + y) \qquad (21)$$

The left-hand side of equation (21) no longer contains the result Q itself but an integer multiple of it, the multiplier being the difference between the integer y and the number x. The result Q is recovered from equation (21) by dividing by (y − x). This division can be omitted if the difference between the integer y and the number x is exactly 1.

It should be noted that the parameters x and y can also be negative, analogous to the procedure described for equations (13') to (15').

Because of its flexibility, security and performance, the present invention is particularly suitable for cryptographic algorithms and cryptographic coprocessors, on which a secure and efficient circuit implementation of modular reduction is usually available.

[Brief Description of the Drawings]

Fig. 1 is a block diagram of a device for calculating a division according to the invention.
Fig. 2 is a block diagram of a method according to a preferred embodiment of the invention.
Fig. 3 shows the representation of the auxiliary quantity in a binary long-number register, to explain the step of extracting the result from the auxiliary quantity.

[Description of Reference Numerals]

10 Definition block
12 Means for providing
14 Means for modular reduction
16 Means for extracting
20 Determine auxiliary number
22 Calculate first product
24 Calculate second product
26 Calculate first auxiliary quantity
28 Increment modulus
30 Calculate auxiliary quantity
32 Subtract auxiliary quantity from additional auxiliary quantity
34 Check sign of result
36 Add modulus
38 Output result
38' Output result
300 Long-number register


Claims (1)

VI. Scope of the patent application

1. A device for calculating a result (Q) of a division of a numerator (A) by a denominator (N), or an integer multiple of the result (Q), comprising:
means (12) for providing a factor, the factor being selected such that the factor and the denominator (N) can be greater than the result (Q);
means (14) for modularly reducing the numerator and the factor using a modulus equal to the sum of a second product of the denominator and the factor and an integer, so as to obtain an auxiliary quantity that contains the result; and
means (16) for extracting the result, or the integer multiple of the result, from the auxiliary quantity.

2. The device according to claim 1, wherein the means for providing is designed to determine the factor such that the factor is equal to a base raised to the power of an auxiliary number.

3. The device according to claim 2, wherein the base is 2, so that multiplication by the factor corresponds to a shift by a number of positions in a register, the number of positions being equal to the auxiliary number.

4. The device according to claim 1, wherein negative numbers are represented in two's complement, wherein the auxiliary quantity is stored in a register (300), and wherein the means for extracting (16) comprises means for reading a low-order portion (−Q) of the register that contains the result, and means for inverting the value read and adding 1, so as to obtain the result (Q) of the division.

5. The device according to claim 1, wherein the means for extracting (16) comprises:
means (26) for calculating, as an additional auxiliary quantity, a result of a modular reduction of the numerator multiplied by the factor, the denominator multiplied by the factor being used as the modulus; and
means (32) for subtracting the auxiliary quantity from the additional auxiliary quantity, so as to obtain the result of the division.

6. The device according to claim 1, wherein the division is an integer division.

7. The device according to claim 3, wherein the auxiliary number is selected to be equal to the number of positions of the numerator minus twice the number of positions of the denominator plus 2.

8. The device according to claim 5, wherein the means for extracting (16) is arranged to determine (34) whether the result is negative and, in that case, to add to the result the modulus used by the means for modular reduction (14).

9. The device according to claim 5, further comprising:
a first register for storing the numerator (A);
a second register for storing the denominator (N);
a third register for storing the additional auxiliary quantity (H2);
a fourth register for storing the auxiliary quantity; and
a register control unit for controlling the means for calculating (14) and the means for extracting (16), so as to obtain the result (Q).

10. The device according to claim 1, wherein the result multiplied by an integer multiple is calculated, wherein the means for providing (12) is arranged to provide a factor, the factor being selected such that a product of the factor and the denominator is greater than the result of the division multiplied by the integer multiple, and wherein the means for modular reduction (16) is designed to use a modulus equal to the sum of a product of the denominator and the factor and the integer multiple.

11. The device according to claim 1, wherein the means for modular reduction (14) is designed to use a modulus equal to the sum of a product of the denominator and the factor and an integer, the integer being greater than or equal to 1, and wherein the means for extracting (16) is arranged to perform a modular reduction using a modulus equal to the sum of a product of the denominator and the factor and an additional integer, the additional integer being different from the integer, so that the means for extracting (16) obtains the result of the division when the difference between the additional integer and the integer is equal to 1, or obtains the result multiplied by an integer multiple, the integer multiple being equal to the difference between the additional integer and the integer.

12. The device according to claim 1, designed as a cryptographic coprocessor of a cryptographic device.

13. The device according to claim 1, wherein the integer is negative, so that the result is obtained without inversion.

14. The device according to claim 11, wherein the additional integer is a negative integer.

15. A method for calculating a result (Q) of a division of a numerator (A) by a denominator (N), or an integer multiple of the result (Q), the method comprising the following steps:
providing (12) a factor, the factor being selected such that a product of the factor and the denominator (N) is greater than the result (Q);
modularly reducing (14) a first product of the denominator and the factor using a modulus equal to the sum of a second product of the denominator and the factor and an integer, so as to obtain an auxiliary quantity that contains the result; and
extracting (16) the result, or the integer multiple of the result, from the auxiliary quantity.
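The division-by-modular-reduction procedure of equations (19) to (21) and of claims 5, 8 and 13, as an added Python example that is not taken from the patent: it obtains Q from the moduli N·F and N·F + 1 with the sign check, reads Q from the low bits for the integer −1, and forms Q·(y − x) from two moduli. The function names, the rule used to size F from bit lengths, and the restriction of equation (21) to x, y ≤ 0 are assumptions of this example.

```python
def choose_factor(A, N, k=1):
    """Return (F, e) with F = 2**e > (Q + 1) * k, using bit lengths only.

    Assumption of this example: Q + 1 <= 2**max(a - n + 1, 0) for bit
    lengths a of A and n of N, so no division is needed to size F.
    """
    if A < 0 or N < 1 or k < 1:
        raise ValueError("need A >= 0, N >= 1, k >= 1")
    e = max(A.bit_length() - N.bit_length() + 1, 0) + k.bit_length()
    return 1 << e, e


def aux(A, N, F, x):
    """Auxiliary quantity A*F mod (N*F + x); it is congruent to R*F - Q*x."""
    return (A * F) % (N * F + x)


def quotient_by_difference(A, N):
    """Q from the moduli N*F and N*F + 1 (claims 5 and 8)."""
    F, _ = choose_factor(A, N)
    h2 = aux(A, N, F, 0)   # additional auxiliary quantity: exactly R*F
    h1 = aux(A, N, F, 1)   # auxiliary quantity: R*F - Q, wrapped if negative
    q = h2 - h1
    if q < 0:              # R == 0 and Q > 0: h1 wrapped, so add the modulus
        q += N * F + 1
    return q


def quotient_from_low_bits(A, N):
    """Q read directly from the low e bits when the integer is -1 (claim 13)."""
    F, _ = choose_factor(A, N)
    h = aux(A, N, F, -1)   # exactly R*F + Q, because Q + 1 < F
    return h & (F - 1)     # F is a power of two, so this masks the low e bits


def quotient_multiple(A, N, x, y):
    """Q*(y - x) as in equation (21), restricted to x, y <= 0 (no wrap-around)."""
    if x > 0 or y > 0 or x == y:
        raise ValueError("this example needs distinct x, y <= 0")
    F, _ = choose_factor(A, N, max(-x, -y))
    return aux(A, N, F, x) - aux(A, N, F, y)


if __name__ == "__main__":
    A, N = 0xC0FFEE1234567890ABCDEF, 0x1F3D5B79  # constructed sample operands
    print(quotient_by_difference(A, N), quotient_from_low_bits(A, N),
          quotient_multiple(A, N, -3, -1) // 2, A // N)
```

With x, y ≤ 0 both residues equal R·F − Q·x and R·F − Q·y exactly, so their difference needs no sign correction; for the moduli N·F and N·F + 1 the wrap-around occurs only when the remainder is zero, which is the case the sign check covers.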
TW092102937A 2002-02-12 2003-02-12 Device and method for calculating a result of a division TW200304616A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE10205713A DE10205713C1 (en) 2002-02-12 2002-02-12 Apparatus and method for calculating a result from a division

Publications (1)

Publication Number Publication Date
TW200304616A true TW200304616A (en) 2003-10-01

Family

ID=7713793

Family Applications (1)

Application Number Title Priority Date Filing Date
TW092102937A TW200304616A (en) 2002-02-12 2003-02-12 Device and method for calculating a result of a division

Country Status (7)

Country Link
US (1) US7567999B2 (en)
EP (1) EP1474741B1 (en)
JP (1) JP4047816B2 (en)
AU (1) AU2003244870A1 (en)
DE (2) DE10205713C1 (en)
TW (1) TW200304616A (en)
WO (1) WO2003069462A2 (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10341804A1 (en) * 2003-09-10 2005-04-28 Giesecke & Devrient Gmbh Division of binary numbers
DE102006025569A1 (en) 2005-10-28 2007-05-03 Infineon Technologies Ag Modular multiplication process for cryptography uses multiplicand in three bit segments in an multiplication addition operation
DE102006025673B9 (en) 2005-10-28 2010-12-16 Infineon Technologies Ag Calculator for reducing an input number with respect to a module
DE102006025713B9 (en) 2005-10-28 2013-10-17 Infineon Technologies Ag Cryptographic device and cryptographic method for calculating a result of a modular multiplication
DE102006025677B4 (en) 2005-10-28 2020-03-12 Infineon Technologies Ag Device and method for calculating a result of a sum with an arithmetic unit with a limited word length
US7826612B2 (en) * 2006-06-29 2010-11-02 Intel Corporation System, method and apparatus for an incremental modular process including modular multiplication and modular eduction
CA2680048C (en) * 2007-03-06 2014-08-05 Research In Motion Limited Combining interleaving with fixed-sequence windowing in an elliptic curve scalar multiplication
US20100011047A1 (en) * 2008-07-09 2010-01-14 Viasat, Inc. Hardware-Based Cryptographic Accelerator
RU2661797C1 (en) * 2017-06-13 2018-07-19 федеральное государственное автономное образовательное учреждение высшего образования "Северо-Кавказский федеральный университет" Computing device

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4484259A (en) * 1980-02-13 1984-11-20 Intel Corporation Fraction bus for use in a numeric data processor
DE69229766T2 (en) * 1991-09-05 2000-03-23 Canon Kk Method and device for encrypting and decrypting communication data
FR2701323A1 (en) * 1993-02-08 1994-08-12 Trt Telecom Radio Electr Device for performing a division.
JPH0720778A (en) * 1993-07-02 1995-01-24 Fujitsu Ltd Remainder calculating device, table generating device, and multiplication remainder calculating device
DE4332674C2 (en) * 1993-09-25 2003-01-23 Unaxis Deutschland Holding Device for locking a flat, preferably circular disk-shaped substrate on the substrate plate of a vacuum coating system
US5493522A (en) * 1994-09-21 1996-02-20 Northrop Grumman Corporation Fast arithmetic modulo divider
US5710730A (en) * 1995-03-31 1998-01-20 International Business Machines Corporation Divide to integer
JP3660075B2 (en) * 1996-10-04 2005-06-15 株式会社ルネサステクノロジ Dividing device
US6088453A (en) * 1997-01-27 2000-07-11 Kabushiki Kaisha Toshiba Scheme for computing Montgomery division and Montgomery inverse realizing fast implementation
US6175850B1 (en) * 1997-02-03 2001-01-16 Nippon Telegraph And Telephone Corporation Scheme for carrying out modular calculations based on redundant binary calculation
US6065030A (en) * 1998-03-30 2000-05-16 Conexant Systems, Inc. Method and apparatus for implementing short-word division techniques in a multiple modulus conversion context
JP2000132376A (en) * 1998-10-27 2000-05-12 Fujitsu Ltd Remainder calculation method, multiplication remainder calculation method, remainder calculator, multiplication remainder calculator and recording medium
US7277540B1 (en) * 1999-01-20 2007-10-02 Kabushiki Kaisha Toshiba Arithmetic method and apparatus and crypto processing apparatus for performing multiple types of cryptography
US20020055962A1 (en) * 1999-11-12 2002-05-09 Richard Schroeppel Automatically solving equations in finite fields
DE10021920C1 (en) * 2000-05-05 2001-07-26 Infineon Technologies Ag Data processing method for modulo calculation of division remainder has whole number represented by partial data words with calculation of argument via recursive steps
US6763365B2 (en) * 2000-12-19 2004-07-13 International Business Machines Corporation Hardware implementation for modular multiplication using a plurality of almost entirely identical processor elements

Also Published As

Publication number Publication date
JP4047816B2 (en) 2008-02-13
EP1474741A2 (en) 2004-11-10
DE10205713C1 (en) 2003-08-07
EP1474741B1 (en) 2006-03-01
DE50302536D1 (en) 2006-04-27
US7567999B2 (en) 2009-07-28
AU2003244870A8 (en) 2003-09-04
WO2003069462A3 (en) 2004-04-15
JP2005517980A (en) 2005-06-16
US20050038845A1 (en) 2005-02-17
AU2003244870A1 (en) 2003-09-04
WO2003069462A2 (en) 2003-08-21

Similar Documents

Publication Publication Date Title
Bostan et al. Complexity of creative telescoping for bivariate rational functions
Weyl Algebraic theory of numbers
KR100756137B1 (en) Division and square root arithmetic unit
CN107305485B (en) Device and method for performing addition of multiple floating point numbers
WO2007012179A2 (en) Karatsuba based multiplier and method
TW200400465A (en) Computer-implemented method for fast generation and testing of probable prime numbers for cryptographic applications
TW200304616A (en) Device and method for calculating a result of a division
Hernández 𝐹-invariants of diagonal hypersurfaces
US20020126838A1 (en) Modular exponentiation calculation apparatus and modular exponentiation calculation method
JP3551113B2 (en) Divider
TW200403584A (en) Apparatus and method for calculating a result of a modular multiplication
JP2004519017A (en) Method and apparatus for multiplying coefficients
CN108334304A (en) digital recursive division
Shparlinski On short products of primes in arithmetic progressions
Damgård et al. Efficient algorithms for the gcd and cubic residuosity in the ring of Eisenstein integers
Jarso et al. Quadratic non-residues that are not primitive roots
Arazi et al. On calculating multiplicative inverses modulo $2^{m} $
US10318245B2 (en) Device and method for determining an inverse of a value related to a modulus
Dubrois et al. Efficient polynomial time algorithms computing industrial-strength primitive roots
Jacobson Jr et al. Efficient ideal reduction in quadratic fields
CN107196764A (en) A kind of RSA encrypting and deciphering processing methods and device
Thorup Combinatorial power in multimedia processors
Stojčev et al. A unified approach in manipulation with modular arithmetic
JP3136709B2 (en) Exponentiation unit
Miller et al. A heterogeneous decision diagram package